On Mon, Oct 26, 2015 at 08:57:15AM -0700, [email protected] wrote: > The reasons why this subCAs don't figure in request are: > - "AC FNMT Usuarios" doesn't issue server certificates > - ISA CA server certificates are issued exlusively to a very restricted > (almost private) environment
Unless there are technical constraints on the intermediate CA certificates representing those subCAs which make it impossible for them to issue TLS or S/MIME certificates, they are in-scope for this inclusion request, because they are a potential source of misissuance which puts users of the Mozilla trust store at risk. - Matt _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
